CVE-2009-1630

Severity :

Medium

Published :

2009-05-14

Modified :

2012-04-12

Base Score :

4.4

Details :

The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier, when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass permissions and execute files, as demonstrated by files on an NFSv4 fileserver.